cti▌
13 indexed skills · max 10 per page
implementing-diamond-model-analysis
mukul975/Anthropic-Cybersecurity-Skills · implementing-diamond-model-analysis
The Diamond Model of Intrusion Analysis provides a structured framework for analyzing cyber intrusions by examining four core features - Adversary, Capability, Infrastructure, and Victim. This skill covers implementing the Diamond Model programmatically to classify and correlate intrusion events, build activity threads, and generate pivot-ready intelligence.
performing-dark-web-monitoring-for-threats
mukul975/Anthropic-Cybersecurity-Skills · performing-dark-web-monitoring-for-threats
Dark web monitoring involves systematically scanning Tor hidden services, underground forums, paste sites, and dark web marketplaces to identify threats targeting an organization, including leaked cre
analyzing-campaign-attribution-evidence
mukul975/Anthropic-Cybersecurity-Skills · analyzing-campaign-attribution-evidence
Campaign attribution analysis involves systematically evaluating evidence to determine which threat actor or group is responsible for a cyber operation. This skill covers collecting and weighting attr
implementing-stix-taxii-feed-integration
mukul975/Anthropic-Cybersecurity-Skills · implementing-stix-taxii-feed-integration
STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated eXchange of Intelligence Information) are OASIS open standards for representing and transporting cyber threat intelligence.
implementing-taxii-server-with-opentaxii
mukul975/Anthropic-Cybersecurity-Skills · implementing-taxii-server-with-opentaxii
Deploy and configure an OpenTAXII server to share and consume STIX-formatted cyber threat intelligence using the TAXII 2.1 protocol for automated indicator exchange between organizations.
performing-indicator-lifecycle-management
mukul975/Anthropic-Cybersecurity-Skills · performing-indicator-lifecycle-management
Indicator lifecycle management tracks IOCs from initial discovery through validation, enrichment, deployment, monitoring, and eventual retirement. This skill covers implementing systematic processes f
building-threat-intelligence-platform
mukul975/Anthropic-Cybersecurity-Skills · building-threat-intelligence-platform
Building a Threat Intelligence Platform (TIP) involves deploying and integrating multiple CTI tools into a unified system for collecting, analyzing, enriching, and disseminating threat intelligence. T
performing-threat-landscape-assessment-for-sector
mukul975/Anthropic-Cybersecurity-Skills · performing-threat-landscape-assessment-for-sector
Conduct a sector-specific threat landscape assessment by analyzing threat actor targeting patterns, common attack vectors, and industry-specific vulnerabilities to inform organizational risk management.
building-ioc-enrichment-pipeline-with-opencti
mukul975/Anthropic-Cybersecurity-Skills · building-ioc-enrichment-pipeline-with-opencti
OpenCTI is an open-source platform for managing cyber threat intelligence knowledge, built on STIX 2.1 as its native data model. This skill covers building an automated IOC enrichment pipeline using O
performing-malware-ioc-extraction
mukul975/Anthropic-Cybersecurity-Skills · performing-malware-ioc-extraction
Malware IOC extraction is the process of analyzing malicious software to identify actionable indicators of compromise including file hashes, network indicators (C2 domains, IP addresses, URLs), regist